Tuesday, April 15, 2014

If anonymous sources are enough to convict the NSA in the court of public opinion over the Heartbleed bug, what does that mean for news that Google knew about it and didn't tell users or the government?

Google knew about a critical flaw in Internet security, but it didn't alert anyone in the government.

Neel Mehta, a Google engineer, first discovered "Heartbleed"—a bug that undermines the widely used encryption technology OpenSSL—some time in March. A team at the Finnish security firm Codenomicon discovered the flaw around the same time. Google was able to patch most of its services—such as email, search, and YouTube—before the companies publicized the bug on April 7.

The researchers also notified a handful of other companies about the bug before going public. The security firm CloudFlare, for example, said it fixed the flaw on March 31.

This is not an anonymous source, but a named Google employee admitting to this.

Asked whether Google discussed Heartbleed with the government, a company spokeswoman said only that the "security of our users' information is a top priority" and that Google users do not need to change their passwords.

Companies often wait to publicize a security flaw so they can have time to patch their own services. But keeping the bug secret from the U.S. government may have left federal systems vulnerable to hackers. The IRS said it's not aware of any vulnerabilities in its system, but other agencies that use OpenSSL could have been leaking private information to hackers.

The government encourages companies to report cybersecurity issues to the U.S. Computer Emergency Readiness Team, which is housed in the Homeland Security Department. US-CERT has a 24-hour operations center that responds to security threats and vulnerabilities.

Why would Google tell the government or competitors and not keep this to themselves, so they could fix the bug on their servers while other internet giants were vulnerable? Then they could say "Hey, we fixed the problem, these other guys were the ones that exposed your password info."

Of course that only works if people don't find out Google is a bunch of bastards.

Ukraine unleashed an offensive to dislodge militants from towns in its eastern Donetsk region as Russia’s prime minister said the country risks civil war.

Ukrainian units backed by armored personnel carriers blocked all approaches to the town of Slovyansk, Russia’s state-run RIA Novosti news service reported, citing an unidentified pro-Russian activist. Two militants were wounded when an airport in Kramatorsk was stormed, forcing the protesters to retreat, according to RIA.

The government in Kiev started the operation after fighting between its forces and pro-Russian separatists turned deadly this week. The U.S. and the European Union also deliberated deepening sanctions against Russia, which they blame for stoking the unrest, as Barack Obama and Russian President Vladimir Putin remained at odds over who was at fault.

“The aim of these actions is to protect people,” acting President Oleksandr Turchynov said in a statement on his website. “Apart from Russian special forces and terrorists, there’s hundreds of thousands of innocent Ukrainian people deceived by Russian propaganda, and that is why we will take any needed anti-terrorist actions prudently and responsibly.”

Turchinov said the offensive, which he first announced on Sunday, was finally underway. "The anti-terrorist operation began during the night in the north of Donetsk region. But it will take place in stages, responsibly, in a considered way. I once again stress: the aim of these operations is to defend the citizens of Ukraine," he told parliament.

At least 15 armored personnel carriers displaying Ukrainian flags were parked by the side of a road around 50 km (30 miles) north of Slaviansk, witnesses said.

Ukrainian troops wearing camouflage gear and armed with automatic weapons and grenade launchers were stationed nearby, with a helicopter and several buses containing interior ministry personnel near the road.

Things just got bad. Really bad. The Russians are already using the excuse that this is a "civil war" in the Ukraine and that Russian forces have nothing to do with what's going on, and that the "illegitimate" government of Kiev is fighting the people of Ukraine who are resisting tyranny or something, because everyone really wants to be part of Russia, so of course we'll have to assist these rebels...

At the same time, the law's costs to the federal government are shrinking. According to the new projections, the federal government will spend more than $100 billion less on Obamacare's coverage provisions through 2024. That includes a downward estimate of about $5 billion this year. Overall, spending on the federal and state insurance exchanges are projected to cost 14 percent less than originally forecast.

The CBO said plans offered through the exchanges are narrower, allowing companies to keep premiums low and the federal government to pay less in subsidies. The lower spending projections on the Affordable Care Act will help shrink deficits overall. The CBO said the federal government will now run a deficit of $492 billion in fiscal year 2014, which is almost a 33 percent decrease from 2013.

But, but, but...death spirals! Unsustainable! Failure!

Watch the FOX News headline be "Seven MILLION Americans will lose employer health insurance by 2024 thanks to Obamacare!"

Of course, Republicans want to repeal Obamacare and take insurance coverage away from millions. Good luck with that.

Contributors

ZVTS Mobile Version

About ZVTS

With Republicans controlling the House and Senate and the Trump Regime now in charge of the Executive, there's still a crumbling global economy imperiling the world, rising nationalism and deadly racism across Europe and Asia, a seemingly endless war against terror, a federal government nobody trusts or believes in, global climate change putting us on the brink of destruction and a Village media that barely does its job on even the best day.

Needless to say there's a lot of Stupid out there when we need solutions. Dangerous levels of Stupid.

Zandar's Tip Jar

Subscribe To ZVTS

Podcast Versus The Stupid!

It's ZVTS, now in a 60-minute podcast!
Get your Zandar and Bon every Saturday and Wednesday!
Also, click on the iTunes button to put the show on
your iTunes podcast list and take us with you!
Or, check out the episode archive page!